Django Groups and Permissions. Extending Groups to have a FK?

Question

I'm working on a product that allows different schools to administer their content online.

Part of this involves setting up a role based access control logic which I've written myself. Essentially, each school has its own set of roles that have their own set of permissions. A user of the software could belong to mulitple schools with differing roles at any given time.

For various reasons, I want to ditch this and instead use Django's Groups and Permissions together with a library like django-guardian. The problem that I am facing is how should I go about extending the Groups model such that I can include a Foreign Key to each new school and still be able to use the helper methods in Django and also libraries like django-guardian.

One possibly approach I came up with is to simply create groups based on event names such as 'School 1 - Admin', 'School 1 - Teacher', 'School 2 - Admin', 'School 2 - Teacher' and query permissions based on this instead. Is there a good reason why I shouldn't do it this way?

Answer 1

Upon closer inspection, django-guardian was able to solve my needs. I wrote about my full implementation here: http://pragmaticstartup.wordpress.com/2012/06/26/django-guardian-a-full-access-control-logic-acl-example/